Check an email address

GET

/domaincheck

Verify whether an email address belongs to a disposable or temporary
email provider and get a risk assessment.

The API runs an additive risk scoring engine that combines multiple signals:

Domain database — matches against 100k+ known disposable domains

MX fingerprinting — detects shared disposable email infrastructure

Safe provider detection — recognises Google Workspace, Microsoft 365, etc.

Domain age — flags newly registered domains via RDAP

DNS posture — checks SPF and DMARC configuration

Local-part analysis — detects placeholder and gibberish patterns

Request

Authorization

Bearer Token

Provide your bearer token in the

Authorization

header when making requests to protected resources.

Example:

Authorization: Bearer ********************

Query Params

Responses

🟢200CheckSuccess

application/json

Email check completed successfully.

Headers

Bodyapplication/json

🟠401Unauthorized

🟠403Forbidden

🟠422ValidationError

🟠429RateLimited

🔴500InternalError

Request Example

Shell

JavaScript

Java

Swift

curl --location 'https://api.istmp.email/domaincheck?email=user%40tempmail.com' \
--header 'Authorization: Bearer <token>'

Response Example

200 - disposable

Disposable email detected

{"status":true,"errors":[],"info":{"is_tmp":true,"result":"disposable","decision":"block","risk_score":85,"signals":{"domain_in_db":true,"domain_age_days":30,"domain_age_available":true,"mx_valid":true,"mx_fingerprint_match":false,"mx_fingerprint_provider":null,"has_spf":false,"has_dmarc":false,"local_part_entropy":0.811,"local_part_placeholder":false,"local_part_gibberish":false,"plus_addressing":false,"safe_provider":false},"reasons":["disposable_domain"]}}

Modified at 2026-03-26 05:13:58

Intro

CheckResult